<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org" xmlns:sec="http://www.thymeleaf.org/extras/spring-security">
<head>
    <meta charset="UTF-8">
    <title>首页</title>
</head>
<body>

<!--    <div sec:authorize="hasRole('vip1')">-->
        <a href="level1/1">level1/1.html</a>
        <a href="level1/2">level1/2.html</a>
        <a href="level1/3">level1/3.html</a>
<!--    </div>-->
    <div sec:authorize="hasRole('vip2')">
        <a href="level2/1">level2/1.html</a>
        <a href="level2/2">level2/2.html</a>
        <a href="level2/3">level2/3.html</a>
    </div>
    <div sec:authorize="hasRole('vip3')">
        <a href="level3/1">level3/1.html</a>
        <a href="level3/2">level3/2.html</a>
        <a href="level3/3">level3/3.html</a>
    </div>


<hr>
<!--isAuthenticated()方法的意思就是这个用户是否已经登录了  取反就表示没有登录就显示登录超链接-->
<div sec:authorize="!isAuthenticated()">
    <a th:href="@{/toLogin}">登录</a>
</div>


<div sec:authorize="isAuthenticated()">
    <p>
        用户名：<span sec:authentication="name"></span>
        角色/权限：<span sec:authentication="principal.authorities"></span>
    </p>
    <a th:href="@{/logout}">注销</a>
</div>


</body>
</html>